/**
 * 验证用户是否拥有某权限
 */
exports.hasPermission = (permission) => {
	return (req, res, next) => {
		if (req.userInfo.isSuper) return next();

		const userAllPermission = new Set(req.userInfo.permissions);
		for (let permissionItem of permission) {
			if (userAllPermission.has(permissionItem)) return next();
		}

		return res.json({ code: 401, msg: "没有权限!" });
	};
};

/**
 * 验证用户是否拥有某角色
 */
exports.hasRole = (role) => {
	return (req, res, next) => {
		if (req.userInfo.isSuper) return next();

		const userAllRole = new Set(req.userInfo.role);
		for (let roleItem of role) {
			if (userAllRole.has(roleItem)) return next();
		}

		return res.json({ code: 401, msg: "没有权限!" });
	};
};
